Download: MigrationProjectTasks.xls
Responsible |
Week |
Status |
Category |
Description |
|---|---|---|---|---|
| Patrick | 1/1/07 | Done | DR & BCP | Test restoring various files from servers to make sure backup client is working |
| John | 1/1/07 | Done | Accounts | Documentation: MIT Kerberos cross-realm authentication for the Unity domain -What is it? -Benefits/drawbacks -How to configure a workstation |
| John | 1/1/07 | Done | Printing | Documentation: Printing (these are from John's overview page) -Non accounted printing -Point and print setup -We need a diagram of how print drivers are installed on windows clients |
| John | 1/1/07 | Done | Roaming Profiles | Test if roaming profiles can be disabled on certain workstations |
| John | 1/1/07 | Done | Computer Objects | Test if a computer account can be forcibly renamed |
| Andy | 1/22/07 | Done | Storage & DFS | Reorganize DFS based on 1/12/07 planning |
| Andy | 1/29/07 | Done | Naming Conventions | Design user, computer, group, and GPO naming conventions |
| Andy | 1/29/07 | Done | SMS OSD | Documentation: How to install a pilot workstation the OSD install CD |
| Andy | 1/29/07 | Done | SMS OSD | Documentation: Overview of SMS OSD -Technologies used -Future plans |
| Patrick | 2/5/07 | Done | Policies | Policy: Configure and maintain scratch space -Local space users can write to -Must be cleared for each user |
| Patrick | 2/5/07 | Done | Policies | Create policy to enable firewall logging and set the log size |
| Andy | 2/5/07 | Done | Accounts | Documentation: Unity accounts -Where are they reside in the domain -Same creation mechanism as other ITD accounts, updated every 5 minutes -Passwords synchronized -Goal of other groups using accounts |
| Andy | 2/5/07 | Done | Accounts | Documentation: Non-Unity accounts -Guidelines for naming them -Where you can make them -Why names must be unique |
| Andy | 2/5/07 | Done | Accounts | Documentation: Unity account attributes -What attributes are set on Unity AD accounts -Where does the data come from -We want suggestions -We are willing to set additional attributes if appropriate |
| Andy | 2/5/07 | Done | Naming Conventions | Documentation: GPO naming convention |
| Andy | 2/5/07 | Done | Naming Conventions | Documentation: workstation naming convention |
| Andy | 2/5/07 | Done | Naming Conventions | Documentation: group naming convention |
| Andy | 2/5/07 | Done | Naming Conventions | Rename existing GPOs according to naming conventions |
| Andy | 2/5/07 | Done | Policies | Policy: Set desktop background image and color |
| Andy | 2/5/07 | Done | Policies | Policy: Set login background image -Create the image used for pilot testing |
| Andy | 2/5/07 | Done | Policies | Remove "allow local port and program firewall settings" from the firewall GPOs -Create separate policy to set this and link it correctly |
| Andy | 2/5/07 | Done | Policies | Create GPOs for all of the policies listed in the blog and forums -General lab environment GPOs begin with UNITY |
| Andy | 2/5/07 | Done | Computer Objects | Investigate if there is a way to prevent a workstation from joining the domain if an object already exists -What should the permissions be? |
| Tom | 2/12/07 | Andy will check in with Tom during week of 2/12 | Applications | Create SMS package to access AFS from the desktop -Installs necessary components -Creates shortcut on desktop |
| Patrick and Andy | 2/12/07 | Departmental Lockers | Design: Departmental locker space -Link to DFS -Configure backups -Set quotas -Set permissions |
|
| Patrick | 2/12/07 | Space was created. Need to link DFS. | Departmental Lockers | Configure pilot testing storage space for departments -Create volume if necessary -Link to DFS |
| Patrick | 2/12/07 | Ties to default domain profile research | Policies | Policy or other mechanism: create a shortcut to user's home directory on the desktop -User must be able to delete it -Must not reappear if a user deletes it -Must be able to control which workstations it happens on |
| Patrick | 2/12/07 | Default User Profile | Design: domain-wide default user profile -Figure out what should be applied to domain-wide profile -Figure out best practices -Can user policies be used to configure something ~once~ (prevent reappearing at every logon) |
|
| Patrick | 2/12/07 | Default User Profile | Documentation: Unity domain central default user profile -What is it -Who gets it and when -What is configured special -Philosophy: since domain-wide, we won't apply settings or add things that aren't universally desired |
|
| Patrick | 2/12/07 | Policies | Documentation: Scratch space -Where is it? -What's it for? -When is it deleted? |
|
| John | 2/12/07 | Done. Include blurb about "enforced" if necessary. | Policies | Design & Documentation: How Unity group policies will be applied to workstations -Loopback processing -Where are they linked? -Should any be enforced? |
| John | 2/12/07 | Departmental OUs | Documentation: departmental OUs -Finalize name given to top-level OUs -Describe attribute storing Remedy workgroup -Initial permissions granted to OU -What departments can do with their OU |
|
| John | 2/12/07 | Printing | Documentation: Print server installation and management (internal) | |
| Joe | 2/12/07 | After space is initially configured. | Departmental Lockers | Documentation: Departmental locker space -Where it resides -DFS, how to access the space -What it can be used for -Backup and replication features -Quotas -Future plans |
| Joe | 2/12/07 | Security | Documentation: Default domain security policies (aka describe the Default Domain GPO) -What is configured and why -Background info, special characteristics of this GPO, inheritance -Microsys philosophy behind what is and what is not applied via this GPO -Who/what it applies to |
|
| Joe | 2/12/07 | VCL | Set up VCL image to test the pilot environment -Joins domain automatically and computer account is in the correct place -SMS client installed -Image gets pilot group policies -Should be very similar to workation installed via pilot CD |
|
| Joe | 2/12/07 | VCL | Documentation: Leveraging VCL for the Active Directory environment -Describe how a VCL image automatically joins the domain -Where are scripts, images located? -What VCL access is needed from to create and customize an image? -How does VCL use Sysprep and can we customize it? |
|
| Joe | 2/12/07 | WSUS | Rename server WSUS is on (FS??) to WSUS00 | |
| Debbie, input from Andy | 2/12/07 | Departmental GPOs | Documentation: Departmentmental GPO Overview -Page shouldn't be too technical. It should descripe the capability we offer. We'll eventually have technical GPO documentation. -How departments can create GPOs -What tools are needed? -What permissions are needed (which) -How to apply GPOs -How to block GPOs |
|
| Debbie | 2/12/07 | Home Directories | Design & Documentation: Unity user home directories -This is new space -How much is allotted for now -Intended use of home directories (not for profiles) -Future plans for quota manager -Home directory drive letter -Shortcut to home directory on desktop |
|
| Debbie | 2/12/07 | Project | Documentation: Pilot Overview (John already created one, update as necessary) | |
| Andy and John | 2/12/07 | Internal | Design: ITD's internal domain best practices -How are permissions configured -Where do various object go? -Group design, inheritance, naming, roles… |
|
| Andy | 2/12/07 | This is working. Contact Charles to simplify output 2/12 | Accounts | Check the Sysnews user lookup utility. Active Directory account information should be displayed. -Make sure the dates and times are correct and report anything that is wrong -Recreate an account to make sure the created date is right -Reset a password to make sure the last set is correct -Login to a workstation with the account using both UNITY and EOS.NCSU.EDU. Report if the logon dates/times are correct. |
| Andy | 2/12/07 | Policies | Documentation: describe all of the default Unity lab policies -What are policies named -What they do -Reasoning for each policy -Links to John's auto-geneated policy pages -Who can use them |
|
| Andy | 2/12/07 | SMS | Documentation: How to install and configure the SMS Administrator Console | |
| Andy | 2/12/07 | SMS OSD | Documentation: What is included in the base OSD pilot image? -Drivers -Applications |
|
| Andy | 2/12/07 | SMS OSD | Update OSD image -Include identified missing drivers -Fix lmhosts -Fix file permissions -Improve documentation |
|
| Patrick | 2/19/07 | DR & BCP | Documentation: How data is backed up in the new environment -What is being backed up? -Link backup logs somewhere on Microsys site |
|
| Patrick | 2/19/07 | Storage & DFS | Design and Documentation: File system quotas -Research file system quotas and decide how they should be applied -Create page describing how to configure quotas |
|
| John | 2/19/07 | Done. 212 has special issues. Try on another printer. | Printing | Test printing on pilot workstation -Add, remove, change printer -Delete print job -Check that accounting is working correctly and synchronized |
| John | 2/19/07 | Storage & DFS | Documentation: What servers have what volumes and what are they intended for? (internal) | |
| Joe | 2/19/07 | Put off until week of 2/19 | Accounts | Documentation: What you can do with ITD's Unity accounts? -Add to your own groups (grant access to things, assign GPO apps, filter GPOs, many other things) -Login to workstations if joined to domain -Access shares -Login to your own domain and how (describe how trusts basically work) |
| Joe | 2/19/07 | WSUS | Documentation: Link WSUS management utility URLs somewhere on Microsys site | |
| Joe | 2/19/07 | WSUS | Documentation: How to configure workstations to use WSUS -Group policy method -Manual method -Registry file |
|
| Joe | 2/19/07 | WSUS | Documentation: How to manage WSUS (internal) -What routine tasks should be done? |
|
| Joe | 2/19/07 | WSUS | Documentation: How to set up WSUS services on a server (internal) | |
| Joe | 2/19/07 | WSUS | Documentation: ITD's WSUS service -Benefits -Who should use it (what workstations?) -Current infrastructure -Update procedures and schedule -When are updates made available? -What process is used to approve updates? -Are all updates approved? -What updates are currently being held back? |
|
| Joe | 2/19/07 | Security | Documentation: Security overview -Try to ease fears with this page -List and describe all security measures -Default Domain policy -Server and client firewalls controlled via policy -WSUS -SAV -Limited access to domain configuration |
|
| Joe | 2/19/07 | Storage & DFS | Design and Documentation: ITD DFS root -How are permissions configured? (Inheritance) -Where things should go -What is public? |
|
| Joe | 2/19/07 | VCL | Documentation: Testing the new environment using VCL -How to I get to it? (start to finish, URL, login ID) -What is included in the VCL image? -What to test? |
|
| Debbie | 2/19/07 | Policies | Test all of the Unity GPOs -Do they work? -Is the GPO description clear and accurate? -Are any policies undesirable? |
|
| Andy and John | 2/19/07 | Internal | Documentation: How ITD manages it's internal resources -Meant as guidelines for ITD admins -Recommended for other units |
|
| All | By 2/26 | Naming Conventions | Rename existing non-Unity users according to naming conventions | |
| All | By 2/26 | Naming Conventions | Rename existing groups according to naming conventions | |
| John | By 3/12 | Printing | Demonstrate printing architecture for Microsys -Servers and deamons that make this happen -How to do basic troubleshooting |
|
| Joe | By 3/12 | WSUS | Demonstrate WSUS for Microsys -How to configure it -How GPOs are configured -How to push or block updates |
|
| Debbie | By 3/5 | Project | Discuss timeline with Microsys and revise web page | |
| Debbie | By 3/5 | Project | Update campus on progress | |
| Debbie | By 3/5 | Project | Documentation: New environment overview (old pages are very obsolete but some information can be used) -Project goals -Background information -Reasoning -History -Link to pilot overview -Link to all other documentation (highlight most useful documentation) -Include timeline |
|
| Debbie | By 3/5 | Project | Documentation: New environment/Unity domain philosophy -What applies universally? (Default Domain policies, default user profile, anything else?) -"Nothing is forced upon you" unless absolutely necessary -Departments can pick and choose services (accounts, apps, policies) -Provide easy to install, complete lab environment -Customizable |
|
| Debbie | By 3/5 | Project | Documentation: Microsoft licensing -What do we have licenses for? -What do we provide for departements? -What do departments need to buy? |
|
| Andy | By 3/5 | SMS OSD | Demonstrate OSD features for Microsys | |
| All | By 3/5 | DNS | Remove everything but servers from "unity.ad.ncsu" DNS domain | |
| Debbie | Throughout | Throughout project | Project | Review all documentation as pages are generated -Notify when reviewed -Figure out best way to markup document or comment |
| John | Hold indefinitely. More trouble than worth right now. | Web | Making the automatically created GPO pages available to campus admins -Authenticate to web pages using something other than WRAP? |
|
| John | Waiting on directories to be created | Roaming Profiles | Documentation: How to configure roaming profiles in the Unity domain -How does ITD configure them and on which Ous? -Include how to disable them |
|
| John | Storage & DFS | Documentation: DFS overview and reasoning -Describe DFS layout -Describe DFS and ITD roots -ITD provides departmental DFS roots as a service |
||
| Joe | Remote Assistance | Design and Document: Remote assistance features for the new environment -Decide which feaures should be available -Create GPOs to control availability -Internal document: Remote Assistance configuration and policies |
||
| Joe | Remote Assistance | Documentation: What is remote assistance and how do I use it? -Audience: Campus admins and end users -Include screenshots |
||
| Ed | Training | Identify training needs and possibilities -Work with campus -Identify and priortize campus needs -Figure out what's feasible |
||
| Ed | Training | Documentation: Page outlining our plans for training -Training options -Recommendations |
||
| Debbie | Waiting on directories to be created and configured | Roaming Profiles | Documentation: Roaming profile overview -Pros/cons of roaming profiles -What is our plan? -Hidden from user -Departments can opt in or out |
|
| Andy | Create/update problems arise | SMS OSD | Documentation: OSD common problems and resolutions -Update as things are learned |
|
| Andy | Hold for later date | SMS | Documentation: How to configure SMS collections (internal documentation for now) | |
| Andy | Hold for later date | SMS | Documentation: How to create an SMS application (internal documentation for now) | |
| Andy | Hold for later date | SMS | Documentation: SMS application delivery overview -What you need -Terminology -How apps are distributed to workstations -When apps should be distributed to workstations -Departments can still use group policies |
|
| Andy | Hold for later date (before others begin testing) | SMS OSD | Documentation: OSD installation ISO download page -Figure out where ISO will reside and how web server will link to it |
|
| Andy | Waiting for home directory/profiles to be configured | Applications | Configure existing SMS applications to use user's home directory and profile -Dependency: home directory and profile architecture and paths must be determined |
|
| Andy | Aplications | Documentation: Applications included for pilot testing -Office 2003, Firefox, Thunderbird -How/when they should be installed -Where shortcuts will appear |
||
| All | As image is updated | SMS OSD | Testing OSD image on different hardware -Have tested GX400, GX260, GX270, 745 -Haven't tested GX280, GX620, Profile 5, 5.5, and 6 |
|
| Hold for later date | DR & BCP | Documentation: Measures taken to create a fault tolerant and redundant architecture -Multiple DCs, FSs -Backend multisite SMS filesystem -Future enhancements: redundant SMS servers, file replication -Also include what our single points of failure are for completeness |
||
| Hold for later date | Security | Enable firewall on all servers -See if anything breaks and resolve problems |
||
| Hold for later date (before others begin testing) | Security | Test file system security -Login as completely nonprivileged user -Connect to every share on every server -Browse entire DFS tree -Make sure you can't access what you shouldn't be able to -Create scripts that help make this easier and consistent |
||
| Hold for later date (before others begin testing) | Security | Test domain security -Login as completely nonprivileged user -Enumerate domain objects you have write rights to -Make sure you can't read anything you shouldn't be able to -Create scripts that help make this easier and consistent |
||
| Waiting for reconfiguration of apps to use home directory/profile | Applications | Test existing SMS applications on a pilot workstation -When did they get installed? -Do they work correctly? -Are user settings right for Firefox and Thunderbird? |
Sysnews
Unity Forums
Microsys Blog
Documentation